You may need to update the trust relationship between vRealize Automation and Guest Agents if you updated or replaced an IaaS certificate. Guest Agents run on the virtual machine template that is used for provisioning through vRealize Automation.

About this task

You do not need to entirely reinstall Guest Agents in order to reestablish the trust relationship with vRealize Automation. The cert.pem file that resides on the machine on which the Guest Agent is installed contains the certificate trust data. In order to reestablish trust, this file must be updated.

The location of this file depends on whether the Guest Agent runs under Windows or Linux.

Table 1. Guest Agent Certificate File Locations

Operating System

Folder

Windows

c:\vrmguestagent\cert.pem

Linux

/usr/share/gugent/cert.pem

Update the cert.pem file by running the appropriate commands.

Prerequisites

  • Obtain the server name and IP address of the server that runs the IaaS Manager Service.

  • If necessary, convert the template on which the Guest Agent is installed to a virtual machine.

Procedure

  1. Run the operating system appropriate commands in an elevated command prompt.

    Option

    Description

    Windows

    Run the following commands:

    1. cd c:\vrmguestagent

    2. echo | openssl s_client -connect manager_service_load_balancer.mycompany.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > cert.pem

    Linux

    Run the following commands:

    1. cd /usr/share/gugent

    2. echo | openssl s_client -connect ​​ manager_service_load_balancer.mycompany.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > cert.pem

  2. If applicable, convert the Guest Agent virtual machine back to a template.